risk management

Download Free Samples of Information Technology Technical Skills Matrix Template. If you're a company want to assess the skill level of your employee. Or you just an HR Department who trying to create a balanced score card system then you can simplyfing it by creating IT Skill Matrix like this.

This skills matrix contain requirement such as:
Administration
- Database
- Network or Operating System
- SAP Basis, SIEBEL

Download Free IT Security Plan Template

The purpose of the system security plan (SSP) is to provide an overview of federal information system security requirements and describe the controls in place or planned to meet those requirements. The SSP also delineates responsibilities and expected behavior of all individuals who access the information system and should be viewed as documentation of the structured process for planning adequate, cost-effective security protection for a major application or general support system. It should reflect input from various managers with responsibilities concerning the information system, including information owner(s), system owner(s), system operator(s), and the information security manager. Additional information may be included in the basic plan, and the structure and format organized according to requirements.

Regulations and Standards Before 9-11 September Eleven Attacks (1991-2001)
- Consumer Credit Protection Act
- OMB Circular A-130
- FEMA Guidance Document
- Paperwork Reduction Act
- FFIEC BCP Handbook
- Computer Security Act
- 12 CFR Part 18
- Presidential Decision Directive 67
- FDA Guidance on Computerized Systems used in Clinical Trials
- ANSI/NFPA Standard 1600
- Turnbull Report (UK)
- ANAO Best Practice Guide (Australia)
- SEC Rule 17 a-4

Regulations and Standards After 9-11 September Eleven Attacks (2002-2004)
- Sarbanes-Oxley Act of 2002
- HIPAA, Final Security Rule

Download Free Information Risk Management Policy Template

Purpose
The purpose of this policy is to ensure that risks to University information are identified, analyzed, and managed so that they are maintained at acceptable levels. Risks to the confidentiality, integrity, and availability of university information are considered.

Scope
This policy applies to all University departments and functions that collect, transmit, or retain non-public University information in any form.

Download Free Major Incident and Disaster Recovery Plan (DRP)

The University has recognised the need to produce a comprehensive Plan (Disaster Recovery Plan) to deal with the immediate consequences and aftermath of a major incident situation.

The Disaster Recovery Plan (DRP) concentrates on dealing with major incidents involving physical damage to University assets.